-
Notifications
You must be signed in to change notification settings - Fork 84
Expand file tree
/
Copy pathmismatched-memory-management-cpp.yaml
More file actions
67 lines (67 loc) · 2.08 KB
/
mismatched-memory-management-cpp.yaml
File metadata and controls
67 lines (67 loc) · 2.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
rules:
- id: raptor-mismatched-memory-management-cpp
metadata:
author: Marco Ivaldi <raptor@0xdeadbeef.info>
category: security
subcategory:
- vuln
vulnerability_class: Memory Issues
likelihood: LOW
impact: MEDIUM
confidence: LOW
technology:
- cpp
cwe:
- "CWE-762: Mismatched Memory Management Routines"
owasp:
- A06:2025 - Insecure Design
references:
- https://github.com/struct/mms
- https://docs.microsoft.com/en-us/cpp/sanitizers/asan-error-examples
message: >-
The software attempts to return a memory resource to the system, but
it calls a release function that is not compatible with the function
that was originally used to allocate that resource.
Due to inherent limitations of Semgrep, this rule might generate many
false positives and should therefore be customized for your codebase.
severity: INFO
languages:
- cpp
# NOTE: `valloc`, `reallocf`, `aligned_alloc`, and custom wrappers are not covered.
# NOTE: overloaded operators, `VirtualAlloc/VirtualFree`, and `mmap/munmap` are not covered.
pattern-either:
# free
- patterns:
- pattern: free($PTR)
- pattern-not-inside: |
$PTR = malloc(...);
...
- pattern-not-inside: |
$PTR = calloc(...);
...
- pattern-not-inside: |
$PTR = realloc(...);
...
- pattern-not-inside: |
$PTR = strdup(...);
...
- pattern-not-inside: |
$PTR = strndup(...);
...
# delete[]
- patterns:
- pattern: delete[]($PTR)
- pattern-not-inside: |
$PTR = new $_[$_];
...
# delete
- patterns:
- pattern: delete($PTR)
- pattern-not-inside: |
$PTR = new $_;
...
- patterns:
- pattern: delete($PTR)
- pattern-inside: |
$PTR = new $_[$_];
...